Let me elaborate on that. I do not find as much time to work on this
blog, as I’ve had when I started it initially. Because of my super
geeky setup, which had involved only non-standardcomponents, lots of
maintenance was needed to keep it working, and especially to keep it
secure (security patches). If I had more time, I’d prefer to run my
own infrastructure, but right now I clearly can’t do this anymore.

This is sort-of a sad update to my penguinphone post. As I wrote there, I had still refused to give in to Android… this is no longer true. I am using CopperheadOS as my day to day phone now, and bought a new phone for that. As you can see from the lack of both activity in the GitHub repo of penguinphone and from the lack of similar projects for the N900, not much happened either from my side or from the rest of the community (which means in other words, that there is not much left of that community). I guess, that they all have realized sooner or later, that we aren’t enough coders/hackers to create an alternative operating system for the N900. I mean even Mozilla with their huge resources and money have failed to create their FirefoxOS for mobile phones (not for the N900, but generally as Android alternative) - this must mean something. Let me elaborate from my point of view, why it is basically an impossible task.

Fixing Maemo

Maemo is the stock operating system for the N900. It has hopelessly outdated software (Firefox based browser “micro-g”, kernel, glibc, openssl, wpa_supplicant, just everything), and some core components are closed-source. The obvious action would be, to try to replace the whole operating system with free software, and also to update all applications. But try to port a newer Firefox version to Maemo, that is as resource efficient, as micro-b for example… that alone is an impossible task for one developer!

Replacing Maemo

So I went on to replace Maemo. I have created a very basic Maemo-like user interface and optimistically hoped to either find the energy to do the rest of the operating system (seems to be impossible now!), or to re-inspire the N900 community to join my effort. As I said in the introduction above, this did not go anywhere.

Missing (Cryptography) Applications

Even if someone did update Maemo / make a suitable replacement, that can do basic things such as calls over the cellular network: You can’t do any encrypted messaging and calls with your friends (not counting nerds who know about XMPP etc.)! Signal - to name the most prominent example - is an App rolled out fairly well on Android phones and easy enough to use, so you can even install it on your grandma’s phone. It replaces the default SMS application, and lets you do encrypted communication whenever two users, who have Signal installed, want to communicate. So this is exactly the kind of application you would want to use on your self-written operating system. But the bad news is, it really is only available on Android. Sure, there is Chromium plugin, so you could use it on the Desktop - but as I understand, it can only be used in combination with your phone (and on the browser, you can only type messages, but not do any calls). And even if the chromium version would be usable, it would probably eat up all RAM and CPU of the N900!

This is just one example, the same goes for basically all crypto messengers and for the Tor Browser (Orfox).

It is also not trivial to run Android applications anywhere but on the Android OS, because Android has its own graphics stack. You can’t even run the Android apps directly on your regular Linux distribution, although both operating systems build on the same kernel! Even app developers boot up a fully bloated Android VM to get anything done. What we would need, is something like WINE, but there is nothing that is even close (I can’t even find the homepage of the icedrobot project anymore!).

What do we do now?

I guess, we are stuck with Android for phones for quite a while. We should focus on having a truely open and more secure version of it at least. That is the goal of the Replicant project - but as they are also outdated and insecure as of now (January 2017: still based on Android 4!), CopperheadOS seems to be the only sane choice. They keep up with the Android release process, have instant security updates, use open components wherever possible, ship the F-Droid store with open source apps by default. Now even with an own Signal version (that of now can not do calls yet, but that might come at some point in the future).

Just to make this clear: If you install any Android ROM based on an outdated Android version (Replicant, Cyanogen, OmniROM, Paranoid Android, you name it), it just takes one MMS for an attacker to have root access to your phone and you won’t even notice. It can read all your passwords, messages, listen to your calls, track your location, record audio and video of you, encrypt your files and blackmail you to give them money in exchange for the password/the stolen data (or infect other people). Cryptography applications like Signal can not protect you from this. It is irresponsible to have an outdated Android version, if you know anything about security.

Note: It is also possible to create your own version of CopperheadOS, with a different mix of security. You can have the Google Play store installed (negative impact on security, because you must trust closed source software), but then you can use the stock Signal version (positive impact on security, because phone calls work there, and it is generally the only version, that is officially supported from OpenWhisperSystems, its authors) and possibly route everything through TOR (positive impact on privacy). Then again, you MUST create your own derivate version whenever there is an updated version of CopperheadOS available, especially when it is a security update. From my experience, these updates come every week or so! If you are interested in that trade-off, check out mission-improbable, which does just that.

You may have noted, that CopperheadOS is only available for a very limited selection of devices. If you are a hacker, and your phone fulfills the requirements, try to port it and collaborate with the project.

Let me end this post with a quote about CyanogenMod - which does not make the situation better. It is completly revolving now anyway, as the company behind it has ceased (they are rebranding it to LineageOS and right now have not made a single release yet). So CopperheadOS was once based on CyanogenMod and switched (source):

When we used to be based on CyanogenMod, we found several local privilege escalation vulnerabilities in su exposed to all apps even with it disabled, and it’s not entirely fixed. In general code written by the ROM community puts features first and isn’t mature or well-reviewed code. It’s not written with security in mind. It’s counter-productive to use it for security reasons.

I really wish we had more alternatives (even for “Android distributions”), but right now I can only recommend CopperheadOS. Rest in peace, N900.

No, this post is not about the radical dictator whose regime is responsible for the death of millions of people. If you’re like me, that idea pops directly into your head when you read about stali.

The only connection from the above to what I’m writing about today may be the word radical. It’s suckless.org’s very own Linux distribution: stali, which stands for static linux. They link everything statically, and besides that, do everything you would expect from their philosopy (which is ideogically not far away from my own as you may have noticed): No systemd, musl libc, better security and relieability through minimalism and what not. What really stands out in 2016 is using git as binary package manager. Here is their version of pacman -Syu:

; sudo su
# cd /
# git pull

Stali is quite old actually, from their front page it looks like they have revised their goals in 2010 (so it is even older) – and for a very long time they have had nothing to show from the distribution, except for their interesting ideas. In the meantime, sabotage appeared with similar goals (that’s the operating system running on this very webserver) and I thought stali would have more or less set the ideas for sabotage and that’s it – they would not go anywhere.

But I was wrong, there has finally been a release of stali this month (reddit, infoworld)! This distro is certainly not for averange Ubuntu Joe, but if you’re either looking for a minimal Linux kernel based operating system or want to learn about interesting design decisions in order to create one yourself, go check it out!

I still refuse to give in to Android and other “modern” smartphone operating systems. Read my about page to get an idea why I dislike them.

Consequently, I have planned to create my own perfect mobile phone GNU/Linux distribution for several years. My focus has shifted a lot from a statically compiled base distribution with carefully crafted base packages (basically sabotage) over an all-crypto phone, that would only work over Wifi and protect metadata (something like Ricochet) to what it is now.

I still want to have all the good crypto stuff, but at the same time, I personally need a phone that “just works” with the uncrypted legacy systems. That is, making normal phone calls and writing SMS. I’d rather do that from a proper GNU/Linux phone, than from a normal phone over which I have even less control.

So I have started with the basics - getting a normal GNU/Linux usable on the phone. With phone, of course, I mean the N900 and with GNU/Linux I have decided to go with debian900. The latter choice was made, because there aren’t many real GNU/Linux distributions, that somehow can work on the N900. Arch Linux ARM on N900 was promising, but it is unmaintained as of now - and unlike the debian900 scripts, it relied on adding an extra repository with the kernel in it, rather than providing a script, that just builds the latest kernel with N900 patches from source.

Some notes about Debian - I will definitely keep it supported with my project (because it should run on all distributions), but I might switch to another distribution as base system at some point. I like, that Debian made the most progress on reproducible builds so far, and how many pre-packaged applications there are. However, I am not a huge systemd fan and I find it incredibly hard to write Debian packages compared to Arch PKGBUILDs, sabotage recipies and Void Linux whateveryoucallthembuildscripts. So I might switch to Void in the long run.

Back to topic. I write this blog post, because I have released the first public version of penguinphone. On GitHub and in the talk.maemo.org forums. Right now, it extends i3 (yes, the tiling window manager) with touch buttons and menus to launch and switch applications, and for closing the currently running application. Doesn’t sound like much yet, but it comes with a nice, minimal development environment (Xephyr, run another X server inside your X server) and has highly efficient C code and everything valgrind-tested. And it will be compatible with Wayland, once sway gets the necessary features!

I really think, that it’s a start. And I felt like I needed to release this, before I start working on the SMS and phone calls part. Because that will be a whole lot more complex and it will take even more time, until there’s something to show off. I plan to wrap SMS and calls with a XMPP gateway and use the Python program Gajim or any other XMPP client, that supports the Jingle extension, as an interface.

Trivia: When I posted my project in #neo900 on freenode IRC, user bencoh pointed me to an interesting dead project, that had similar goals: FreeNIT

So if all this interests you, go ahead and try penguinphone on your GNU/Linux desktop. It’s really easy, git clone, make testenv and you have a little X server window inside your normal X server, ready with the full environment to play with.

I’ve been using sway on Wayland the last few days. It tries to be i3 compatible and has an impressive list of features supported already, most notably the (still from time to time crashing) statusbar. The best part is, that sway is being actively developed, so a hand full of good fixes, commits and pull requests arrive every day!

X11 applications can be started on sway through XWayland and don’t look different from other programs.

There are also other tiling WMs for Wayland, the most promising ones being velox and orbment. But they are not as actively developed, don’t support a custom wallpaper (sorry, that’s important for me!) and do not aim for i3 compatibility.

UPDATE: If you don’t want to read the source code of the Let’s Encrypt tool you’re using, you might as well use the official client, that does a bit more magic. Don’t get me wrong, the official client is open source, too. But it has way more lines of code, so it’s harder to read through. The Hiawatha user VirginSteele posted a four-step tutorial here (scroll down to the entry with the timestamp 12 November 2015, 14:43). One notable difference is, that you don’t need to stop the webserver there, as the letsencrypt-nosudo script I’m using in my tutorial can’t do this yet.

Previously this blog simply used a self signed certificate, because I knew that Let’s Encrypt was about to be released later this year. Of course, this means, that every time anyone has visited the blog, that person would see a big scary warning message, that the connection is not trustworthy.

So two days ago, I got a e-mail titled “Let’s Encrypt Closed Beta Invite”, which told me that I may try to obtain my certificate now. That is, because I’ve taken part in the private beta program, that they have launched. If you’d like to join, in the EFF article I’ve linked is a link to some Google Forms (that’s a bit scary from a privacy point of view!) document, where you can type in your e-mail address and the domain(s) you would like to register. I did that a few weeks ago, I think.

I’m not really running a mainstream distribution or webserver and know how to install a certificate myself. So I’ve decided to go with letsencrypt-nosudo from Github. As with the official letsencrypt client, it requires python2. The source code is slightly less than 400 SLOC, so I could read through it before using it.

The only thing I’d like to see improved is a version that doesn’t need python (or any other dependency) at all, so it fits better in sabotage’s philosophy (see minimal bloat section). Someone asked here for a version with CLI-tools only, but was told that this isn’t practical due to JSON Web Signatures, which aren’t implemented in any such tools. However, the protocol is open and maybe some day someone will write a tiny C client, that does the same thing as the python script above (assisting you in getting the certificate, not messing with your configs).

Back to topic. Let’s Encrypt is really awesome and everyone should use it, who doesn’t have a valid certificate yet (or even worse, is hosting their services without TLS)! And the automatic installation and configuration in HTTP daemons is a good thing for most people, because it will really spread the usage of TLS, improving peoples privacy a bit every time.

Just a quick note, that the 0.4.0 version has been finally released! And it fits the feature description announced in the previous post (except for the ‘maybe: rumble support’ part, that didn’t make it in the release).

Windows installers were REALLY in my way this time, so I might write down my rantastic tale about them soon.

Does anyone remember Grand Theft Auto 2 from 1999? It’s that top-down game, where you can do many of the things, that you can do in more recent parts of the series. Stealing cars, shooting people, doing missions and so on.

I’ve been trying about one month in 2012 and another one in 2013 to get a splitscreen mod going, basically by starting multiple instances in network mode on localhost and moving windows around. Each attempt failed, because I couldn’t send input to all windows at once and so I lost interest again.

I was still amazed by the concept and wanted this hack to happen, so I picked up the project again in 2014. And this time it really got far: I wrote a component that talked to each GTA2 instance via TCP - and with some additional memory hacking, suddenly it was possible to send fake input to each instance independently!

To turn it into something usable, the splitscreen hack wouldn’t be enough. The users also need a convenient way of controlling their player, so it should have game controller support. And while we’re at it, why not make that game controller support work in single player, too?

Stepping it up, I called the whole thing a meta-mod that will combine more smaller mods and announced it in the somewhat still alive GTA2 community at the GTAMP.com forums under the name GTA2: Hacker’s Remix. This is the home of lots of community based GTA2 content, such as the online gaming lobby GTA2: Game Hunter and Vike’s enhanced GTA2 (without that my hacks wouldn’t have been possible).

That thread was started in November, and until January ‘14 I’ve had released 5 alpha versions, the last one being 0.3.2 which is also the latest version right now. It’s feature set consists of the following:

That sounds like pretty much everything there is to do, right? Nope, I’ve envisioned lots of other features even in 2012. My goal was to integrate the splitscreen mode in the game menu, so it feels like part of the official game.

Hacking the game’s menu had some big problems (for example: it looks ugly in 32bit color mode), so while I was at it, I’ve decided to fully reimplement the menu. And that’s the reason why there has not been a release for the past months, something like that can’t be done over night.

Furthermore I thought replacing most AutoIt3 code with C99 and writing something like my own SDL2 GUI toolkit (although not as an external library right now, but maybe in the future) were good ideas. And I still think that they are, though they may have slowed down development some more.

On the other hand, Black Phoenix, the author of the unfinished OpenGTA2 (aka. OpenGBH) engine allowed me to use the source code from his C tools (audio, sprite and font parsing!) as base for my code and that surely saved lots of time.

About 500 commits on github later, the menu was working well, but not polished enough for a release (and code from earlier releases still needs to be re-integrated). In my story telling, it’s end of June 2015 and I had to do other stuff again.

Fast forward a bit more than another month and now it is August ‘15. I want to spend the next ~2 weeks on getting a new release ready, so all that work turns into something usable again. There’s a lot to be polished and even some features are missing right now, but we’ll see what happens. Features that can be expected:

a menu that looks and feels like the normal GTA2 menu

all ressources (fonts, sprites, sounds!) are loaded from the normal game files without converting them

the splitscreen mode is integrated into that menu

the menu can be controlled with the game controller

at least basic config files for controller button mappings

simple, optional update notifications

a custom credits screen, that can be scrolled through manually (of course it also scrolls automatically)

a message shows up in the game, when the controller layout changes

maybe: rumble support

So this is my “short” summary (really, it could have been far more detailed and technical) of what has happened so far with my GTA2: Hacker’s Remix meta-mod. If you’re wondering, why I put so much work in modding a 16 year old game: I’ve learned a lot about reverse engineering, coding (especially C) and GTA2 is just fun to play. Also I’ll be able to re-use lots of this (eg. the GUI toolkit) in other projects.

Content

This blog is about good (and sometimes bad) modern information technology, how defective and insecure the majority is and how we might be able to fix it. In my opinion, there are three important characteristics of good software:

efficient technology that fulfills all its quality aspects (security, simplicity, speed, resource usage, maintainability, …) as perfectly as possible, through the whole stack. More lines of code always mean more bugs!

no social exploitation: it should not exploit anyone in our society through annoying advertising, malware, backdoors, privacy invasion (aka big data), proprietary formats, patents and so on. One might think that libre software (and hosters of such) is always free of that crap, but itisnot!

Just to be clear, with the word social in the tag-line, I do not mean any kind of social network. Sadly all of these fail the principles listed here, even the libre ones (if you find one that implements end to end encryption consistently and doesn’t offend any of the points listed here, let me know!).

It is possible to monetize technology and respect these principles at the same time (for example through donations), but that is definitely harder.

Username

If humanity keeps developing its technology so carelessly and error-prone, one day we might have an anarchy of robots ruling the earth ;) Please note that anarchy often gets confused with anomie:

Anarchy is compared to, or even described as equal to chaos or anomie. However, anarchy is defined by the lack of a ruler, and anomie by the lack of rules. (Rational Wiki)